Microsoft Security Researcher - Microsoft Defender Cloud Apps 

Israel, Tel Aviv District, Tel Aviv-Yafo 

757253183

• You have at least 5+ years of experience in cyber security with a background in the modern attacker kill-chain, MITRE ATT&CK, and emerging enterprise threats including attacks against SaaS Apps (Sharepoint, Exchange, Entra ID), Oauth Apps, Enterprise Apps.
• You have BS or equivalent experience in computer science, engineering, or information technology.
• You have understand and deep knowledge of few commonly used attack tools and frameworks used by Redteam Proficient in at least one programming language such as Python, C#, or C++.
• You have excellent cross-group and interpersonal skills, with the ability to articulate the business need for product improvements and a desire to engage directly with customers. Experience working with and manipulating large data sets (i.e. billions of events per day).

Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check:
- This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter.

Offensive security research experience for cloud-based attacks. Industry recognized author of security research papers, blogs, presentations, or books. SOC or blue team experience involving the hunting and discovery of adversaries in enterprise environments.

• Perform financial motivated attacker tradecraft research and threat landscape investigation across cloud-based attacks spanning permissions, identities, applications, and data.
• Partner with engineers and data scientists in a geographically distributed team to deliver innovative new product capabilities.
• Threat hunting to discover real world advanced attacks together with designing and implementing automated detection and hunting analytics combining alerts and signals across Microsoft Defender security products.
• Contribute to active engagement with the security ecosystem through papers, presentations, and blogs.
• Provide subject matter expertise to customers based on industry attack trends and product capabilities.